Feds reportedly plan to prosecute hackers sponsored by other nations

Possible targets also include governments and companies involved in intrusions.

US Justice Department officials plan to bring criminal charges against hackers, governments, and companies involved in nation-sponsored computer intrusions on US companies, according to a published report.

"I'll give you a prediction," John Carlin, the principal deputy assistant attorney general in the national security division of the Department of Justice, told a DefenseNews reporter. "Now that we are having people look at bringing one of these cases, it's there to be brought and you'll see a case brought."

More than 100 prosecutors are being trained to participate in the new initiative, which is being organized by a little-noticed program known as the national security cyber specialist network. Prosecutors plan to work with agents in the FBI to find additional cases to bring. Prosecutors could possibly call on investigators in the National Security Agency, the Department of Defense, and other agencies for additional help.

Hackers sponsored, or at least tolerated, by the Chinese government have been blamed for computer espionage attacks over the past five years that are alleged to have siphoned gigabytes worth of sensitive data from US defense contractors and companies in the software, pharmaceutical, and energy industries. One of the more recently reported intrusions reportedly hit Telvent Canada Ltd., a large supplier of computerized control systems for companies in the energy, transportation, and other industries. Researchers have tied Chinese hackers to espionage campaigns on scores of other companies and agencies, including RSA and the Pentagon.

State-sponsored attempts to access classified and proprietary US information grew 75 percent during the fiscal 2010 and 2011, according to a separate report.

According to DefenseNews, there are a variety of targets US prosecutors could indict. Most obviously, the targets include the hackers themselves, but Carlin also said the governments they work for or the companies using stolen intellectual property could also be charged.

"According to DefenseNews, there are a variety of targets US prosecutors could indict"

First they will all say how doing this is a Great Thing.And I do love our America.I am an American first !!!Sounds real good to as someone who loves his Nation but just wait a little while.We have already seen how our US Government Works.We are not fools.How long do you think it will take before we see US Citizens and Peaceful Type Protesting "Hackers" getting nice big Double Figure Sentences.This whole thing kind of has the stench of "Patriot Act" on it.

"According to DefenseNews, there are a variety of targets US prosecutors could indict"

First they will all say how doing this is a Great Thing.Sounds real good to as someone who loves his Nation but just wait a little while.We have already seen how our US Government Works.We are not fools.How long do you think it will take before we see US Citizens and Peaceful Type Protesting "Hackers" getting nice big Double Figure Sentences.This whole thing kind of has the stench of "Patriot Act" on it.

The Road to Hell is paved with Good Intentions.

FBI already prosecutes US citizens when they hack govenrment or civilian sites while on US soil. Who do you think put LulzSec in jail?

Double standards considering the US does the same with doing hacking on other countries.

Not for commercial reasons, though. E.g. I haven't seen any suggestion that our hacking in Iran has provided any commercially valuable information, or that the information has been provided to companies to give them a competitive advantage. The alternative is military action, so I think a good case can be made that the hacking has spared lives. It's difficult to come up with a justification for commercial espionage.

Because you can always state with >95% confidence that the IP address used in the hack represents the nationalities of the hackers.

You can't. But you can take years of geolocation data and extrapolate some meaningful data as to where the hackers are. I stopped doing it at work because I got tired of seeing the same locations over and over. I can say with at least a 70% confidence that an IP doing weird crap at our perimeter will geolocate to China or Russia.

Either all the world's hackers love to have an exit node in Russia or China, or they really are located there. Given other evidence that the two countries are hacking haven, it isn't hard to assume that they are really located there.

So these new prosecutors are going to go over to China, Pakistan, Russia, etc. and say Please give us the hackers you have in your security departments so we can throw their asses in our jails. OK, I don't see any problems with that.

Because you can always state with >95% confidence that the IP address used in the hack represents the nationalities of the hackers.

You can't. But you can take years of geolocation data and extrapolate some meaningful data as to where the hackers are. I stopped doing it at work because I got tired of seeing the same locations over and over. I can say with at least a 70% confidence that an IP doing weird crap at our perimeter will geolocate to China or Russia.

Either all the world's hackers love to have an exit node in Russia or China, or they really are located there. Given other evidence that the two countries are hacking haven, it isn't hard to assume that they are really located there.

See how that works?

I concur 100%.

Edit, that wasn't meant to be sarcastic seeing as I used percents twice, I really do agree.

The Feds really ought to just stick to "policing" their own country. It's this idea that America can treat and police the rest of the world like it is America that makes America unpopular abroad. A complete lack of respect to the rest of the world.

Because you can always state with >95% confidence that the IP address used in the hack represents the nationalities of the hackers.

You can't. But you can take years of geolocation data and extrapolate some meaningful data as to where the hackers are. I stopped doing it at work because I got tired of seeing the same locations over and over. I can say with at least a 70% confidence that an IP doing weird crap at our perimeter will geolocate to China or Russia.

Either all the world's hackers love to have an exit node in Russia or China, or they really are located there. Given other evidence that the two countries are hacking haven, it isn't hard to assume that they are really located there.

See how that works?

I concur 100%.

Edit, that wasn't meant to be sarcastic seeing as I used percents twice, I really do agree.

I'm going to throw my two cents here along with an upvote. When I got to the point in my career where I was watching traffic bounce off of servers, whether at work or at home, I initially thought it would be fun to resolve IP's and see who's been trying to knock at the doors or which IP's got banhammered. It quickly got boring as it was pretty much China,China,Russia,China,Russia,China,...... Oh! Portugal! China,... The fact that's it's so prevalent and blatant still amazes me. The takeaway: Shore up your defenses. These guys are not going to magically stop anytime soon and they're constantly sniffing the perimeters day and night.

Because you can always state with >95% confidence that the IP address used in the hack represents the nationalities of the hackers.

It's called regular intel and spying, the kind we've been doing for hundreds of years. They already know who some of the Chinese hackers are, they know their names, they know where they live, they have pictures of them. If someone like Krebs can do it sitting at home on his computer, why do you doubt a government agency with taps and people in place and money to burn will have trouble?

And yet I don't see how that gets us to prosecution. These guys are immune and they know it. Worst case, if some huge political/trade battle erupts (the only viable "punishment" against another nation short of war), the Chinese will just haul out a few prisoners for a kangaroo trial and shoot them in the back of the head. "See, we're serious about crime."

The Feds really ought to just stick to "policing" their own country. It's this idea that America can treat and police the rest of the world like it is America that makes America unpopular abroad. A complete lack of respect to the rest of the world.

Um, if they are attacking American companies and governments, it IS policing America.

I'm sorry if it makes us unpopular to defend ourselves, but the "rest of the world" doesn't deserve respect if it harbors and supports individuals that attack American systems.

The Feds really ought to just stick to "policing" their own country. It's this idea that America can treat and police the rest of the world like it is America that makes America unpopular abroad. A complete lack of respect to the rest of the world.

Bollocks.

The US sticks its nose in all sorts of places it doesn't belong, but playing both offense and defense in the espionage game is par for the course for any nation, has been since the creation of the nation-state. If the Chinese actually managed to get their hands on an alphabet agency hacker, you can bet they'd disappear. Whatever their chosen means (human intelligence, signals, etc.) it is the job of a spy to break another country's laws. The idea that the offended country wouldn't try to catch and punish them for such is ludicrous. It's the way the game is played.

If we restrict defense against espionage to only countries that don't perform espionage themselves, the only folks allowed to prosecute spies will be Sealand (and even that's iffy).

but Carlin also said the governments they work for or the companies using stolen intellectual property could also be charged.

I am interested to know how they will indict sovereign governments. That's a new one on me.

Then you haven't been paying attention to the last 6000 years of human history.

It's called going to war.

Clearly you don't pay attention to modern history, circa 1946 or the size of China & Russia and their respective military's.

Yeah good luck with that, considering ~70% of Americans are against starting a fight with Syria & your plan is to start one with China or Russia? The other two most armed nations on earth. I'd love to see the proposals for that one. Its been a while since America has had a real enemy to fight and not some tiny sand nation to step on (Obviously Iraq & Afghanistan were well executed operations against infinitely less armed, organized or trained opponents that are not still going on...) So clearly a fight with Russia or China would be a walk in the park for Team America.

The Feds really ought to just stick to "policing" their own country. It's this idea that America can treat and police the rest of the world like it is America that makes America unpopular abroad. A complete lack of respect to the rest of the world.

Um, if they are attacking American companies and governments, it IS policing America.

I'm sorry if it makes us unpopular to defend ourselves, but the "rest of the world" doesn't deserve respect if it harbors and supports individuals that attack American systems.

No wait.. I'm not sorry.

Slow down there skippy, that swings both ways! The American government harbours, supports and pays the wages of individuals that attack other countries via malware like Flame and Stuxnet. Under your logic, America doesn't deserve respect either, as it's guilty of the exact same thing.

Basically if it's wrong when they do it, it's wrong when you do it. The American government (and the droolers who support everything it does) are simply pussies who can't take a spoon of their own medicine.

Disclaimer: you could replace "America" in the above paragraph with any other powerful country and I would likely still agree with it.

When you think any given action is good when your tribe does it, but bad when another tribe does it to you, we have a word for you... hypocrite, meaning your primitive mentality is the reason we can't have nice things.

You know, the more I think about this the more I'm suspecting it's a cover or dodge for something else. The US government already has trouble sharing information among its own groups, much less with the private sector. Could this be a way to bring certain parties together, under the cover of "attorney client privilege", to give them the information they need? For the other definition of "prosecute".

Quote:

2.a. To pursue (an undertaking, for example) until completion; follow to the very end.b. To chase or pursue (a vessel): "He held a dispatch saying that [they] had prosecuted and probably killed an Echo-class missile submarine" (Tom Clancy).

The Feds really ought to just stick to "policing" their own country. It's this idea that America can treat and police the rest of the world like it is America that makes America unpopular abroad. A complete lack of respect to the rest of the world.

Um, if they are attacking American companies and governments, it IS policing America.

I'm sorry if it makes us unpopular to defend ourselves, but the "rest of the world" doesn't deserve respect if it harbors and supports individuals that attack American systems.

No wait.. I'm not sorry.

Slow down there skippy, that swings both ways! The American government harbours, supports and pays the wages of individuals that attack other countries via malware like Flame and Stuxnet. Under your logic, America doesn't deserve respect either, as it's guilty of the exact same thing.

Basically if it's wrong when they do it, it's wrong when you do it. The American government (and the droolers who support everything it does) are simply pussies who can't take a spoon of their own medicine.

Disclaimer: you could replace "America" in the above paragraph with any other powerful country and I would likely still agree with it.

When you think any given action is good when your tribe does it, but bad when another tribe does it to you, we have a word for you... hypocrite, meaning your primitive mentality is the reason we can't have nice things.

Espionage and war are not hypocritical. You do break laws, and you suffer the consequences. And their guys also break laws, so they suffer the consequences too.

But this is largely about commercial espionage. Stealing business information to provide to other businesses. It's not traditional espionage, it doesn't have anything to do with the state per se (only indirectly). We don't engage in these practices so there's nothing hypocritical about condemning them. Flame and Stuxnet attacked nuclear research, they didn't steal business information for the purpose of aiding US companies in international business.

This is simply a strategy and has symbolic value. These cases will be brought, charges will be laid, and they will sit on the books without going to trial, since the accused are in China, Russia or Iran.

They will continue to sit on the books, with warrants, and will only be brought out if one of the accused happens to stray outside their borders into a place that has an extradition treaty with the U.S. or something similar.

If the U.S gets in the mood, they can "call" out the sponsoring countries during trade talks, etc..

The advantage for the U.S. is that this leaves a public record of their espionage claims and it is NOT extrajudicial. It's within the law and gives an air of legitimacy to their actions. Plus, I doubt the intelligence agencies have very many other ways of going after these hackers or their state sponsors, due to their locations.

It's a gesture or play that gives the U.S. a "legitimate" cause for detaining any of these folks they find outside of their home borders and is useful politically ("See what these states do to us?").

I actually think it's a very good strategy, even if largely symbolic. It won't result in any extrajudicial assassinations or renditions. If they ever catch one of these folks, they'll be forced to process them according to the law, which is generally safer for the accused.

Edit: I also agree with the poster above that this is largely about commercial espionage, so this legal response is completely appropriate. I've got no problem with the U.S. doing this at all.

I'm pretty sure they're talking about US companies and US citizens who are aiding and abetting foreign powers in these attacks. But does this mean that companies who host IP spoofing services et al are now subjected to executed search warrants and possible seizure of data?

The Feds really ought to just stick to "policing" their own country. It's this idea that America can treat and police the rest of the world like it is America that makes America unpopular abroad. A complete lack of respect to the rest of the world.

Um, if they are attacking American companies and governments, it IS policing America.

I'm sorry if it makes us unpopular to defend ourselves, but the "rest of the world" doesn't deserve respect if it harbors and supports individuals that attack American systems.

No wait.. I'm not sorry.

Slow down there skippy, that swings both ways! The American government harbours, supports and pays the wages of individuals that attack other countries via malware like Flame and Stuxnet. Under your logic, America doesn't deserve respect either, as it's guilty of the exact same thing.

Basically if it's wrong when they do it, it's wrong when you do it. The American government (and the droolers who support everything it does) are simply pussies who can't take a spoon of their own medicine.

Disclaimer: you could replace "America" in the above paragraph with any other powerful country and I would likely still agree with it.

When you think any given action is good when your tribe does it, but bad when another tribe does it to you, we have a word for you... hypocrite, meaning your primitive mentality is the reason we can't have nice things.

Espionage and war are not hypocritical. You do break laws, and you suffer the consequences. And their guys also break laws, so they suffer the consequences too.

But this is largely about commercial espionage. Stealing business information to provide to other businesses. It's not traditional espionage, it doesn't have anything to do with the state per se (only indirectly). We don't engage in these practices so there's nothing hypocritical about condemning them. Flame and Stuxnet attacked nuclear research, they didn't steal business information for the purpose of aiding US companies in international business.

I see, so by your rationale it would be OK if they attacked your nuclear infrastructure instead of your businesses?

Also, you are mistaken if you think this is not happening on a nation-state level. As the article mentions the targets are often defense contractors and even the pentagon.

Big yawn there. If they can even reliably identify the perps, they'll probably be living in a country that has no extradition treaties with the U.S., or the nation state was probably contracting the perp to do it on their behalf.

This project looks tailor made to crack down on kids in the UK trying to DDOS web pages over here.

And since the government can't have these freshly minted internet cops sitting around playing Minecraft all day, they'll probably start in on prosecuting US citizens.

The Feds really ought to just stick to "policing" their own country. It's this idea that America can treat and police the rest of the world like it is America that makes America unpopular abroad. A complete lack of respect to the rest of the world.

Um, if they are attacking American companies and governments, it IS policing America.

I'm sorry if it makes us unpopular to defend ourselves, but the "rest of the world" doesn't deserve respect if it harbors and supports individuals that attack American systems.

No wait.. I'm not sorry.

Slow down there skippy, that swings both ways! The American government harbours, supports and pays the wages of individuals that attack other countries via malware like Flame and Stuxnet. Under your logic, America doesn't deserve respect either, as it's guilty of the exact same thing.

Basically if it's wrong when they do it, it's wrong when you do it. The American government (and the droolers who support everything it does) are simply pussies who can't take a spoon of their own medicine.

Disclaimer: you could replace "America" in the above paragraph with any other powerful country and I would likely still agree with it.

When you think any given action is good when your tribe does it, but bad when another tribe does it to you, we have a word for you... hypocrite, meaning your primitive mentality is the reason we can't have nice things.

Espionage and war are not hypocritical. You do break laws, and you suffer the consequences. And their guys also break laws, so they suffer the consequences too.

But this is largely about commercial espionage. Stealing business information to provide to other businesses. It's not traditional espionage, it doesn't have anything to do with the state per se (only indirectly). We don't engage in these practices so there's nothing hypocritical about condemning them. Flame and Stuxnet attacked nuclear research, they didn't steal business information for the purpose of aiding US companies in international business.

I see where you're going with this but It's not black and white this line between commercial and government. The recient data breach from Lockheed Martin is the first example that comes to mind. Boeing and Northrop Grumman can also be lumped into the both commercial and government duality basket. This applies to lots of enterprises.

The Feds really ought to just stick to "policing" their own country. It's this idea that America can treat and police the rest of the world like it is America that makes America unpopular abroad. A complete lack of respect to the rest of the world.

Um, if they are attacking American companies and governments, it IS policing America.

I'm sorry if it makes us unpopular to defend ourselves, but the "rest of the world" doesn't deserve respect if it harbors and supports individuals that attack American systems.

No wait.. I'm not sorry.

Slow down there skippy, that swings both ways! The American government harbours, supports and pays the wages of individuals that attack other countries via malware like Flame and Stuxnet. Under your logic, America doesn't deserve respect either, as it's guilty of the exact same thing.

Basically if it's wrong when they do it, it's wrong when you do it. The American government (and the droolers who support everything it does) are simply pussies who can't take a spoon of their own medicine.

Disclaimer: you could replace "America" in the above paragraph with any other powerful country and I would likely still agree with it.

When you think any given action is good when your tribe does it, but bad when another tribe does it to you, we have a word for you... hypocrite, meaning your primitive mentality is the reason we can't have nice things.

Espionage and war are not hypocritical. You do break laws, and you suffer the consequences. And their guys also break laws, so they suffer the consequences too.

But this is largely about commercial espionage. Stealing business information to provide to other businesses. It's not traditional espionage, it doesn't have anything to do with the state per se (only indirectly). We don't engage in these practices so there's nothing hypocritical about condemning them. Flame and Stuxnet attacked nuclear research, they didn't steal business information for the purpose of aiding US companies in international business.

I see, so by your rationale it would be OK if they attacked your nuclear infrastructure instead of your businesses?

Also, you are mistaken if you think this is not happening on a nation-state level. As the article mentions the targets are often defense contractors and even the pentagon.

By my rationale, if Iran attacked our nuclear infrastructure, that would be a part of the war and espionage that is currently going on. And our response to it would be based on it being a part of war and espionage. For example we might bomb them. None of this seems hypocritical to me. "Not hypocritical" is not a judgement about good and bad, or permissible or not, or advisable or not. Only a judgment of hypocrisy or not.

What would be hypocritical is if Flame captured information about the design of their centrifuges, and we supplied that information to US corporations so they could profit by selling better centrifuges based on that design. That's a pretty implausible idea, isn't it?